Venminder Launches Exchange Network for Collaboration Between Vendors and Third-Party Risk Professionals Accelerating Due Diligence Efforts

Venminder

Venminder, an industry-recognized provider of third-party risk management solutions, today announced they have launched the Venminder Exchange, a secure 2-sided network for the flow of Venminder’s proprietary analyzed vendor data.

Venminder, an industry-recognized provider of third-party risk management solutions, today announced they have launched the Venminder Exchange, a secure 2-sided network for the flow of Venminder’s proprietary analyzed vendor data.

To achieve industry standards and meet regulatory requirements, organizations must complete detailed due diligence reviews on their vendors. This is often a time extensive exercise involving the gathering of documentation, artifacts, and sending/receiving of questionnaires from vendors and then giving all that information to an appropriate, qualified expert to review it for risks. Since the expertise needed varies based on the area being reviewed, it is a huge drain on valued internal resources or requires multiple dedicated hires. With the Venminder Exchange, thousands of already completed Control Assessments have been added by Venminder’s qualified and certified experts, including CISSPs, CPAs, and paralegals, and added to the searchable exchange for a purchase.

“We are very excited about the launch of the Venminder Exchange and what it means for the future of due diligence for all sides involved – vendors and their clients and prospects,” said Dana Bowers, founder and chief solution architect of Venminder. “The Venminder Exchange will be a valuable asset to third-party risk professionals for quickly finding risk scores on their vendors and purchasing the assessments as and when they need. For vendors, it provides transparency and knowledge into the risk assessment process that is inherently vital to every third-party risk management program. Collaboration between all parties will undoubtedly improve the outcome for everyone involved.”

The Venminder Exchange launched this week with the first of many planned phases. The company is currently inviting vendors into the exchange to view and collaborate with Venminder on the assessments that have been completed on their organization. This advance period will give vendors the opportunity to learn how an independent third party, such as Venminder, views their stated controls and associated risk. Venminder will also offer training to vendors on how to accelerate the due diligence process by proactively sharing their Venminder assessments with clients or prospects. In the final phase, the Venminder Exchange will be available, by invitation only, to third-party risk professionals across the globe, who can register, search vendors, preview scores and go through the authorization process, with the vendor, of purchasing the full Control Assessments.

“Venminder is an all-in-one partner for all things third-party risk,” said James Hyde, CEO of Venminder. “We are extremely unique to the market in that we are 100% dedicated to third-party risk. While it’s fairly common to find initiatives for sharing access to a library of control documents, Venminder completes the final mile by actually assessing the documents and assigning a risk score saving valuable time and resources to complete the risk assessment process. We take our commitment to the market quite seriously evidenced by our library of thousands of Control Assessments, continued development of our world-class software platform, staffing of respected domain and subject matter experts as well as our ongoing certified education offerings. This newest edition of The Exchange is the next chapter in Venminder’s continued rapid growth by optimizing and streamlining the due diligence and risk assessment process for our clients and vendors alike.”

Venminder has now grown to over 800 customers across all industries and is on track to deliver over 30,000 Control Assessments in 2020. The Venminder Exchange will allow the company to distribute Control Assessments more efficiently and facilitate the building of vendor relationships. Control Assessments include risk ratings and assessments covering:

  • The financial health and viability of a vendor.
  • A vendor’s SOC reports, including an assessment of their internal control environment, areas of concern, and any recommended next steps.
  • A review of the vendor’s business continuity and disaster recovery documentation, including plans, testing, and recovery point and time objectives.
  • A review of the most critical elements of a vendor’s cybersecurity preparedness to identify areas of potential weakness.